CVE-2017-14867
Summary: Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl...
Third Party Advisory
CVE-2016-4472
Summary: The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause...
CVE-2021-21246
Summary: OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check...
CVE-2021-21247
Summary: OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener...
CVE-2021-3134
Summary: Mubu 2.2.1 allows local users to gain privileges to execute commands, aka CNVD-2020-68878. Reference Links(if available): https://www.cnvd.org.cn/flaw/show/2638444 http://mubu.com/doc/d5501245199 CVSS...
CVE-2021-21241
Summary: The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a...
CVE-2019-9516
Summary: Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends...
CVE-2021-21241
Summary: The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a...
CVE-2020-35701
Summary: An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers...
CVE-2017-20001
Summary: The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from decrypting data, aka SA-CONTRIB-2017-027....
CVE-2018-25002
Summary: uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not...
CVE-2020-17367
Summary: Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command...
CVE-2020-27279
Summary: A NULL pointer deference vulnerability has been identified in the protocol converter. An attacker could send a specially crafted...
CVE-2016-20003
Summary: The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's...
CVE-2020-35894
Summary: An issue was discovered in the obstack crate before 0.1.4 for Rust. Unaligned references can occur. Reference Links(if available):...
CVE-2020-35889
Summary: An issue was discovered in the crayon crate through 2020-08-31 for Rust. A TOCTOU issue has a resultant memory...
CVE-2020-35269
Summary: Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross-Site Request Forgery (CSRF) in many functions, like adding –...
CVE-2020-13654
Summary: XWiki Platform before 12.8 mishandles escaping in the property displayer. Reference Links(if available): https://github.com/xwiki/xwiki-platform/compare/xwiki-platform-12.7.1...xwiki-platform-12.8 https://jira.xwiki.org/browse/XWIKI-17374 https://github.com/xwiki/xwiki-platform/pull/1315 CVSS Score (if...
CVE-2020-25845
Summary: Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to the SMB request being redirected...
